是否可以将自定义查询参数添加到AzureAD OAuth流的redirect_uri?
我们已经尝试了但是当OAuth流重定向回redirect_uri时,我们添加的任何查询参数都被剥离了。我想知道是否有办法配置AzureAD应用程序以保留此类自定义查询参数
答案 0 :(得分:0)
是否可以将自定义查询参数添加到AzureAD OAuth流的redirect_uri?
是的,如果您将Azure AD与OWIN集成,则可以轻松添加自定义查询参数。这个问题也在here进行了讨论,这是一个代码示例供您参考:
在Startup.Auth.cs中,设置如下的OpenIdConnectAuthenticationOptions:
app.UseOpenIdConnectAuthentication(
new OpenIdConnectAuthenticationOptions
{
//...
Notifications = new OpenIdConnectAuthenticationNotifications
{
RedirectToIdentityProvider = OnRedirectToIdentityProvider,
MessageReceived = OnMessageReceived
},
});
使用RedirectToIdentityProvider注入自定义参数:
private Task OnRedirectToIdentityProvider(RedirectToIdentityProviderNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> notification)
{
var stateQueryString = notification.ProtocolMessage.State.Split('=');
var protectedState = stateQueryString[1];
var state = notification.Options.StateDataFormat.Unprotect(protectedState);
state.Dictionary.Add("mycustomparameter", "myvalue");
notification.ProtocolMessage.State = stateQueryString[0] + "=" + notification.Options.StateDataFormat.Protect(state);
return Task.FromResult(0);
}
然后使用MessageReceived提取它:
private Task OnMessageReceived(MessageReceivedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> notification)
{
string mycustomparameter;
var protectedState = notification.ProtocolMessage.State.Split('=')[1];
var state = notification.Options.StateDataFormat.Unprotect(protectedState);
state.Dictionary.TryGetValue("mycustomparameter", out mycustomparameter);
return Task.FromResult(0);
}